package cn.com.zcode.auth.jstl;

import javax.servlet.jsp.JspException;
import javax.servlet.jsp.tagext.BodyTagSupport;

import cn.com.zcode.user.model.User;

import com.opensymphony.xwork2.ActionContext;

public class AuthorizationTag extends BodyTagSupport {

	private static final long serialVersionUID = 1L;
	public String type;

	public String getType() {
		return type;
	}

	public void setType(String type) {
		this.type = type;
	}

	@Override
	public int doStartTag() throws JspException {
		if (checkAuth()) {
			return EVAL_BODY_INCLUDE;
		} else {
			return SKIP_BODY;
		}

	}

	private boolean checkAuth() {
		ActionContext context = ActionContext.getContext();
		User user = (User) context.getSession().get(User.SESSION_USER);
		if (type != null && user != null) {
			type = type.trim().toLowerCase();
			if ("admin".equals(type)) {
				return user.isAdmin();
			}

		}

		return false;
	}

}
